Microsoft fends off massive DDoS attack on Azure
On Monday, Microsoft repelled a gigantic DDoS attack on its cloud platform Azure. The attack lasted about 10 minutes and reached a maximum volume of 2.4 Tbps. This makes it the largest attack on the Azure network and one of the largest DDoS attacks ever. The attack targeted an unnamed European Azure customer.
Shutting down services with a botnet
The large-scale DDoS attack was believed to have been carried out by a large botnet of some 70,000 infected devices from Asia and the US. According to Microsoft, the high volume was achieved by applying UDP Reflection. Such a reflected amplificationattack abuses the UDP protocol to increase the amount of malicious traffic by a factor of 50 or more. For example, the attacker sends 64 bytes of data requests to the botnet, after which each device in the botnet forwards the requests to the target. The botnet then bombards the target network with millions of packets of more than 3,400 bytes each. As a result, a website or service is flooded with the amount of data, making it difficult or no longer accessible for legitimate visitors and users.
Just no record
The 10-minute attack consisted of three waves with a volume of 2.4 Tbps, 0.55 Tbps, and 1.7 Tbps. At 2.4 Tbps, the attack was therefore slightly smaller than the ‘world record’ of more than 2.5 Tbps in an attack on Amazon in October 2020. Microsoft fends off such attacks by detecting the high volumes of data early. Microsoft then almost immediately funnels large amounts of this data to special servers in the attacker’s region ( mitigation pipelines ). As a result, the malicious data never reaches the target’s servers and the website or service remains accessible for (in this case) users from Europe.
Catch up on more articles here
Follow us on Twitter here